cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ Rapport de ZHPDiag v2014.4.26.45 - Nicolas Coolman (26/04/2014)
~ Lancé par lolo (27/04/2014 15:37:40)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16521
MFIE: Mozilla Firefox 28.0 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8.1, 64-bit (Build 9600)
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : 2WD2D
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 2.0.1.1004
Windows Defender W8

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 16303 MB (82% free)
System Restore: Activé (Enable)
System drive C: has 177 GB (74%) free of 237 GB

---\\ Mode de connexion au système
~ Computer Name: MSILOLO
~ User Name: lolo
~ All Users Names: lolo, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\lolo\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\lolo\AppData\Roaming\
~ %Desktop% : C:\Users\lolo\Desktop\
~ %Favorites% : C:\Users\lolo\Favorites\
~ %LocalAppData% : C:\Users\lolo\AppData\Local\
~ %StartMenu% : C:\Users\lolo\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 177 Go of 237 Go)
D: Hard drive, Flash drive, Thumb drive (Free 913 Go of 913 Go)
E: Floppy drive, Flash card reader, USB Key (Free 1 Go of 14 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.63DC38C3E4564B2405D562855643ABA2] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2014 - 02:01:20.) -- C:\Windows\Explorer.exe [2328872]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Application de démarrage de Windows.) (.22/08/2013 - 10:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.DF79CE9B950C62677D232154E93A81C7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.01/03/2014 - 04:10:28.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.7C94FDA3809015B8F2208D2E1C221F17] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.22/08/2013 - 10:55:08.) -- C:\Windows\System32\Winlogon.exe [564736]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/12/2013 - 09:54:07.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\AFD.sys [567296]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.5DB26D7E0216D0BF364A81D3829AD7B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.22/08/2013 - 12:38:00.) -- C:\Windows\system32\Drivers\DfsC.sys [134656]
[MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2013 - 12:38:38.) -- C:\Windows\system32\Drivers\HDAudBus.sys [78336]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Pilote de port i8042.) (.22/08/2013 - 12:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.25/02/2014 - 02:12:52.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.79B6F3DF7CDFD12159871FF71464F0CE] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.25/02/2014 - 02:12:52.) -- C:\Windows\system32\Drivers\MRxSmb.sys [403456]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 12:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.725EF69B2DBEB7B33280019A556201BC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.10/03/2014 - 11:35:58.) -- C:\Windows\system32\Drivers\ntfs.sys [2008408]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.22/08/2013 - 20:11:06.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.C85C075DE5B6D0FE116043054DE8EE02] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.31/01/2014 - 17:15:23.) -- C:\Windows\system32\Drivers\volsnap.sys [311640]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes Favoris (My Favorites) : 1/3
~ Mes Documents (My Documents) : 1/442
~ Mon Bureau (My Desktop) : 1/14
~ Menu demarrer (Programs) : 1/25
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.41AD6110110A2E89957F831DCBFAF892] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6963512] [PID.4568]
[MD5.DF2FCA0CC92944F85193967116326AEB] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840] [PID.5040]
[MD5.8E556A72D54F7E3B7844AB9217F02DD7] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.5804]
[MD5.63DA8D81C46AE1C08DB45AD81E2AD541] - (.Intel Corporation - ISCT SysTray.) -- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5545448] [PID.7116]
[MD5.661991A72A4FD29F0EB21245DC1ADD30] - (.Creative Technology Ltd - Sound Blaster Cinema 2.) -- C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1440768] [PID.7128]
[MD5.D80F3A9CD8CFFB2579338933749553B4] - (.MSI - Super-Charger.) -- C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480] [PID.6592]
[MD5.4738DC864215B00B886E27A8D18CC326] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592] [PID.7040]
[MD5.7EA50DC775B557AD1E06ABF3C7A2A24D] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7869952] [PID.400]
~ Processes Running: Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (.not file.)
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\WINDOWS\system32\nvspcap64.dll
O4 - HKLM\..\Run: [BTMTrayAgent] . (.Motorola Solutions, Inc. - Bluetooth Shell Extension.) -- C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll
O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.)
O4 - HKLM\..\Run: [Radio Manager] . (.MSI - Radio Manager.) -- C:\Program Files (x86)\SCM\Radio Manager.exe
O4 - HKLM\..\Run: [SCM] . (.MSI - SCM.) -- C:\Program Files (x86)\SCM\SCM.exe
O4 - HKLM\..\Run: [MBCfg64] . (.Creative Technology Ltd. - Pas de description.) -- C:\Windows\system32\MBCfg64.dll
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKCU\..\Run: [SteelSeries Engine] . (.SteelSeries ApS - SteelSeries Engine.) -- C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
O4 - HKCU\..\Run: [Driver Manager] . (.PC Drivers Headquarters - DriverManager.) -- C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe
O4 - HKLM\..\Wow6432Node\Run: [Sound Blaster Cinema 2] . (.Creative Technology Ltd - Sound Blaster Cinema 2.) -- C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdReg] . (.Creative Technology Ltd. - Creative UpdReg.) -- C:\Windows\UpdReg.exe
O4 - HKLM\..\Wow6432Node\Run: [Super-Charger] . (.MSI - Super-Charger.) -- C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Wow6432Node\Run: [LiveUpdate 5] . (...) -- C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe
O4 - HKUS\S-1-5-21-571780020-3168872585-3293304777-1002\..\Run: [SteelSeries Engine] . (.SteelSeries ApS - SteelSeries Engine.) -- C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
O4 - HKUS\S-1-5-21-571780020-3168872585-3293304777-1002\..\Run: [Driver Manager] . (.PC Drivers Headquarters - DriverManager.) -- C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe
~ Application: Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] http.ma-config.com
O15 - Trusted Zone: [HKCU\...\Domains] http.touslesdrivers.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{217E4F7F-E283-439C-991F-D3C2C2FBA3F1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{217E4F7F-E283-439C-991F-D3C2C2FBA3F1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (...) -- igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Elan Service (ETDService) . (.ELAN Microelectronics Corp. - Elan Service.) - C:\Program Files\Elantech\ETDService.exe
~ Services: 22 Legitimates Filtered in 00mn 03s



---\\ Tâches planifiées en automatique (O39)
[MD5.85F3530120F2E313515F8CBF347A503F] [APT] [MSI_Dragon Gaming Center] (.TODO: <公司名稱>.) -- C:\Program Files (x86)\MSI\Dragon Gaming Center\mDispatch.exe [1680520]
~ Scheduled Task: 9 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\DriverSupport]
[HKLM\Software\Wow6432Node\Dragon Gaming Center]
~ Key Software: 219 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 25/02/2014 - 18:05:10 - [] ----D C:\Program Files (x86)\Boot Configure
O43 - CFD: 26/04/2014 - 23:30:19 - [] ----D C:\ProgramData\boost_interprocess
~ Program Folder: 118 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.5F64F95278EF7F682F84EF0BFC01C4E8] - 25/04/2014 - 04:38:28 ---A- . (...) -- C:\Windows\DtcInstall.log [3608]
O44 - LFC:[MD5.A59CA020A52569657D064CD0D38495E4] - 25/04/2014 - 04:39:05 ---A- . (...) -- C:\Windows\diagerr.xml [30483]
O44 - LFC:[MD5.A59CA020A52569657D064CD0D38495E4] - 25/04/2014 - 04:39:05 ---A- . (...) -- C:\Windows\diagwrn.xml [30483]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 25/04/2014 - 20:18:37 ---A- . (...) -- C:\Recovery.txt [0]
O44 - LFC:[MD5.D78BBE64847BF955D2DA7F373F11E8B5] - 26/04/2014 - 08:51:17 ---A- . (.Bootstrap Development, LLC. - BSD Setup Utility Library.) -- C:\Windows\bsdsetupDH.dll [1646592]
O44 - LFC:[MD5.7F22D012E142A9AE2BD39890B7C087D9] - 26/04/2014 - 09:21:15 ---A- . (...) -- C:\Windows\win.ini [175]
O44 - LFC:[MD5.59075B2A63DF6A568123218BF4DC2696] - 26/04/2014 - 10:30:22 ---A- . (...) -- C:\Windows\System32\CustomModeApp.exe.config [889]
O44 - LFC:[MD5.899E708E589C09700BFF1C73CB7D7002] - 26/04/2014 - 10:30:22 ---A- . (...) -- C:\Windows\System32\CustomModeAppv2_0.exe.config [895]
O44 - LFC:[MD5.59075B2A63DF6A568123218BF4DC2696] - 26/04/2014 - 10:30:23 ---A- . (...) -- C:\Windows\System32\DPTopologyApp.exe.config [889]
O44 - LFC:[MD5.899E708E589C09700BFF1C73CB7D7002] - 26/04/2014 - 10:30:23 ---A- . (...) -- C:\Windows\System32\DPTopologyAppv2_0.exe.config [895]
O44 - LFC:[MD5.899E708E589C09700BFF1C73CB7D7002] - 26/04/2014 - 10:30:23 ---A- . (...) -- C:\Windows\System32\Gfxv2_0.exe.config [895]
O44 - LFC:[MD5.59075B2A63DF6A568123218BF4DC2696] - 26/04/2014 - 10:30:24 ---A- . (...) -- C:\Windows\System32\Gfxv4_0.exe.config [889]
O44 - LFC:[MD5.EEB2021309E12BE3C385E9E1DEDB7110] - 26/04/2014 - 10:30:32 ---A- . (...) -- C:\Windows\System32\igdail64.dll [160256]
O44 - LFC:[MD5.F32B25EC22A8DA5B144D95693E315441] - 26/04/2014 - 10:30:32 ---A- . (...) -- C:\Windows\System32\igdde64.dll [223744]
O44 - LFC:[MD5.0FCC6FB236A4F4A8C5C8230946985C5E] - 26/04/2014 - 10:30:37 ---A- . (...) -- C:\Windows\System32\igdmd64.dll [425856]
O44 - LFC:[MD5.4D5ECFF6828D35EFCA24F01322827DBB] - 26/04/2014 - 10:30:44 ---A- . (...) -- C:\Windows\System32\igfxCPL.cpl [254976]
O44 - LFC:[MD5.5E7A2E92BE847FDC4DDE2318A544FB59] - 26/04/2014 - 10:30:44 ---A- . (...) -- C:\Windows\System32\igfxCUIServicePS.dll [68608]
O44 - LFC:[MD5.2F0D6C6E6D67B0996DDF6AC07CF94523] - 26/04/2014 - 10:30:44 ---A- . (...) -- C:\Windows\System32\igfxDHLib.dll [57344]
O44 - LFC:[MD5.87A80F1E9D216B8A11A7242B2D031624] - 26/04/2014 - 10:30:44 ---A- . (...) -- C:\Windows\System32\igfxDHLibv2_0.dll [69632]
O44 - LFC:[MD5.842F60D24BBB75885651DF33388F589D] - 26/04/2014 - 10:30:44 ---A- . (...) -- C:\Windows\System32\igfxDILib.dll [10752]
O44 - LFC:[MD5.434BC703A32D9D527E6C1D1CC5BBC33D] - 26/04/2014 - 10:30:44 ---A- . (...) -- C:\Windows\System32\igfxDILibv2_0.dll [10240]
O44 - LFC:[MD5.AD5600379309077BD06D0DF2E1964FC5] - 26/04/2014 - 10:30:44 ---A- . (...) -- C:\Windows\System32\igfxEMLib.dll [10240]
O44 - LFC:[MD5.58BD76DD19C87F21983D521C2FEE5E16] - 26/04/2014 - 10:30:44 ---A- . (...) -- C:\Windows\System32\igfxEMLibv2_0.dll [10240]
O44 - LFC:[MD5.0C9B9DD960AE1483094B9093331DC8D8] - 26/04/2014 - 10:30:44 ---A- . (...) -- C:\Windows\System32\igfxLHMLib.dll [5120]
O44 - LFC:[MD5.6C88F01DF0DF66F634C1DA428C8B8E66] - 26/04/2014 - 10:30:44 ---A- . (...) -- C:\Windows\System32\igfxLHMLibv2_0.dll [5120]
O44 - LFC:[MD5.14D0F63B2A95681A99FCC1F290B567DC] - 26/04/2014 - 10:30:44 ---A- . (...) -- C:\Windows\System32\igfxexps.dll [80312]
O44 - LFC:[MD5.2DC14883590068EF3446B0F12B14214C] - 26/04/2014 - 10:30:45 ---A- . (...) -- C:\Windows\System32\iglhxs64.vp [2576]
O44 - LFC:[MD5.17047D24F02F8A8FD3050290DB03B7A7] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resARA.cui [161268]
O44 - LFC:[MD5.7C64F98778D1CEDE9B127D5B08A2D1A2] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resCHS.cui [145574]
O44 - LFC:[MD5.689D71AD257584E9485EC07C0D009586] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resCHT.cui [146403]
O44 - LFC:[MD5.60ACAF7287B507C99B42F02019746A89] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resCSY.cui [152536]
O44 - LFC:[MD5.C3CA8DAFE878973F888004D8A0D5BCCB] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resDAN.cui [149488]
O44 - LFC:[MD5.F952A06650E1E00FF920A831368DE135] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resDEU.cui [154287]
O44 - LFC:[MD5.C4ACB4987AA0560AEE6ED0AD3F74D764] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resELL.cui [179511]
O44 - LFC:[MD5.F0962922D46C060E00510E65EA463614] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resENU.cui [148173]
O44 - LFC:[MD5.C2FE01C84FD18E0186D1F72CD1B4B290] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resESN.cui [154037]
O44 - LFC:[MD5.8D4530712673464C8183AA053240AB89] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resFIN.cui [151989]
O44 - LFC:[MD5.97F2071B652D9D166AECB18549A4E8D5] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resFRA.cui [156105]
O44 - LFC:[MD5.06D37B4DE7F466C183F9F3B44203D5E4] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resHEB.cui [160719]
O44 - LFC:[MD5.656228EB61B135FB5600B1F5B9EEF03A] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resHRV.cui [151552]
O44 - LFC:[MD5.1DFE9B79228C1B6576E030C28AC09F32] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resHUN.cui [156088]
O44 - LFC:[MD5.A3BF3AAC7B20BA92139E9D6789AC1CE3] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resITA.cui [154314]
O44 - LFC:[MD5.CB675854B81535EED9474ABA81AF3B21] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resJPN.cui [160698]
O44 - LFC:[MD5.F06723DFF5F186B8C664F1A757E6C698] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resKOR.cui [154381]
O44 - LFC:[MD5.2A2B52E12B6164D95E18A15BB36E3426] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resNLD.cui [153260]
O44 - LFC:[MD5.8034A7326E3E489196ACF0876B9511DC] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resNOR.cui [150001]
O44 - LFC:[MD5.13EA22E443CC20B286ABE6C15484C299] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resPLK.cui [153601]
O44 - LFC:[MD5.A4A91B5A7A276193FB531DEEA202310D] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resPTB.cui [152700]
O44 - LFC:[MD5.475523329454470D5F03AE0F20F61320] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resPTG.cui [152411]
O44 - LFC:[MD5.E6403DF04D68E9580BA868FB3BC85E4F] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resROM.cui [154148]
O44 - LFC:[MD5.377BFCB95D9162704C9A09C86E6BCE5C] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resRUS.cui [175392]
O44 - LFC:[MD5.C1305107CA0496D729E6D99DB80A6EAB] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resSKY.cui [153459]
O44 - LFC:[MD5.359669C896A7E4553259E1835A9DA10A] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resSLV.cui [150924]
O44 - LFC:[MD5.237C25164DD5BC4BF7CB5B33F5320788] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resSVE.cui [151097]
O44 - LFC:[MD5.777E5775AC577F3D95CF5CA856835E2B] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resTHA.cui [186638]
O44 - LFC:[MD5.EC1F88FA3BF50F1800DBF0297D222C55] - 26/04/2014 - 10:31:02 ---A- . (...) -- C:\Windows\System32\resTRK.cui [152545]
O44 - LFC:[MD5.F7424D6CF244922D045D00F3EF111535] - 26/04/2014 - 10:35:00 ---A- . (...) -- C:\Windows\System32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat [244]
O44 - LFC:[MD5.3BC10FA856911EAE5FE7CD700FE137B5] - 26/04/2014 - 10:35:00 ---A- . (...) -- C:\Windows\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat [451]
O44 - LFC:[MD5.BB1628CBA617DA2AA3236A92E62A6B3F] - 26/04/2014 - 10:35:11 ---A- . (...) -- C:\Windows\System32\results.xml [19268]
O44 - LFC:[MD5.BE25C7138841E5701987BD3EF16405FA] - 26/04/2014 - 12:24:23 ---A- . (...) -- C:\Windows\DPINST.LOG [26982]
O44 - LFC:[MD5.548BA755098FB9CFA131D9F6D57ED57A] - 26/04/2014 - 12:24:23 ---A- . (...) -- C:\Windows\Synaptics.log [1442]
O44 - LFC:[MD5.E47A844AC4B2A85B1E4EAE78C6E40FD9] - 26/04/2014 - 12:24:37 ---A- . (...) -- C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat [180]
O44 - LFC:[MD5.708B8B1E815B75743877F8A5A26E6AE1] - 26/04/2014 - 21:45:22 ---A- . (...) -- C:\Windows\System32\Configuration.mc [70332]
O44 - LFC:[MD5.2100B28C34C4FCE916A4A61F58E31198] - 27/04/2014 - 09:41:54 ---A- . (...) -- C:\Windows\System32\connectedsearch-results.searchconnector-ms [9701]
O44 - LFC:[MD5.110BE5198A63D3FF3CE9C30F1DC12EC3] - 27/04/2014 - 09:42:01 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [386722]
O44 - LFC:[MD5.FF25183C362383CACACE80B40CBD8FDF] - 27/04/2014 - 09:48:03 ---A- . (...) -- C:\Windows\System32\Drivers\RTAIODAT.DAT [749977]
O44 - LFC:[MD5.D8D654B1ED72074DB63C18FF81569DD4] - 27/04/2014 - 14:22:35 ---A- . (...) -- C:\TDSSKiller.3.0.0.33_27.04.2014_15.21.07_log.txt [8292]
O44 - LFC:[MD5.597F9A45B885C97F77DD941EECC119A4] - 27/04/2014 - 14:32:09 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [159030]
O44 - LFC:[MD5.4F87D8A758A27163BF04F68EE0677623] - 27/04/2014 - 14:32:09 ---A- . (...) -- C:\Windows\System32\prfc0816.dat [164364]
O44 - LFC:[MD5.F85F474D1CB24E002CB6BDE7615475D5] - 27/04/2014 - 14:32:09 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [775938]
O44 - LFC:[MD5.50C7B3335DB0F7C6E041F3216A538648] - 27/04/2014 - 14:32:09 ---A- . (...) -- C:\Windows\System32\prfh0816.dat [789794]
O44 - LFC:[MD5.3529A8C12ADCE28A307BA9439267F377] - 27/04/2014 - 14:33:07 ---A- . (...) -- C:\TDSSKiller.3.0.0.33_27.04.2014_15.25.08_log.txt [1588458]
O44 - LFC:[MD5.1B4FBC317AE93A859E4CC97F76CAF90D] - 27/04/2014 - 14:34:44 ---A- . (...) -- C:\TDSSKiller.3.0.0.33_27.04.2014_15.33.19_log.txt [841276]
~ Files: 321 Legitimates Filtered in 00mn 03s



---\\ Déni du service (Local Security Authority) (O48)
~ LSA: 3 Legitimates Filtered in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\93982252.sys . (...) -- C:\Windows\System32\Drivers\93982252.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\93982252.sys . (...) -- C:\Windows\System32\Drivers\93982252.sys (.not file.)
~ CSB: 19 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:13/08/2013 - 00:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:25/02/2014 - 00:54:21 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [399112]
O58 - SDL:01/08/2013 - 16:01:32 ---A- . (.Pas de propriétaire - Intel Keyboard Class Upper Filter Driver.) -- C:\Windows\System32\Drivers\ikbevent.sys [21408]
O58 - SDL:01/08/2013 - 16:01:34 ---A- . (.Pas de propriétaire - Intel Mouse Class Upper Filter Driver.) -- C:\Windows\System32\Drivers\imsevent.sys [21920]
O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
~ Drivers: 61 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
O63 - Logiciel: RSIT - (.random/random.)
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 26/04/2014 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 27/08/2013 828376 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Demand 15/03/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 08/01/2014 284912 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 07/11/2013 1186168 | (Bluetooth Device Monitor) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
SR - | Auto 07/11/2013 1161592 | (Bluetooth OBEX Service) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
SR - | Auto 25/02/2014 101680 | (ETDService) . (.ELAN Microelectronics Corp..) - C:\Program Files\Elantech\ETDService.exe
SR - | Auto 08/01/2014 631024 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SR - | Auto 21/11/2013 15720 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 25/02/2014 130008 | (iBtSiva) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
SR - | Auto 26/04/2014 282096 | (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\igfxCUIService.exe
SR - | Auto 27/08/2013 747520 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 10/12/2013 131544 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 10/12/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 10/12/2013 390616 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 01/04/2014 2818888 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 03/04/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 03/04/2014 857912 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Auto 02/01/2014 160768 | (Micro Star SCM) . (.Micro-Star International Co., Ltd..) - C:\Program Files (x86)\SCM\MSIService.exe
SR - | Auto 10/09/2013 161776 | (MSI_SuperCharger) . (.MSI.) - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
SR - | Auto 02/04/2014 1617352 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 02/04/2014 20542408 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - | Auto 11/04/2014 928712 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 22/01/2014 344576 | (Qualcomm Atheros Killer Service V2) . (.Qualcomm Atheros.) - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
SR - | Auto 08/01/2014 154864 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Auto 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 08/01/2014 3674864 | (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
~ Services: Scanned in 00mn 03s



---\\ Scan Additionnel (O88)
Database Version : 13045 - (26/04/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

~ Additionnel Scan: 184970 Items scanned in 00mn 09s



~ 820 Legitimates filtered by white list
End of the scan (402 lines in 00mn 29s)(0)

Publicité


Signaler le contenu de ce document

Publicité